C Exploits

3,570 exploits tracked across all sources.

Sort: Activity Stars
CVE-2002-0652 EXPLOITDB c VERIFIED
xfsmd <6.5.16 - RCE
xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_fs().
by Last Stage of Delirium
CVE-2002-1447 EXPLOITDB c VERIFIED
UNIX VPN Client <3.5.2 - Privilege Escalation
Buffer overflow in the vpnclient program for UNIX VPN Client before 3.5.2 allows local users to gain administrative privileges via a long profile name in a connect argument.
by methodic
CVE-2003-0281 EXPLOITDB c VERIFIED
Firebird <1.5 - Buffer Overflow
Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_inet_server, (2) gds_lock_mgr, or (3) gds_drop.
by bob
CVE-2002-0392 EXPLOITDB c VERIFIED
Apache HTTP Server < 1.3.24 - Denial of Service
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
by Gobbles Security
CVE-2002-0392 EXPLOITDB c VERIFIED
Apache HTTP Server < 1.3.24 - Denial of Service
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
by Gobbles Security
CVE-2002-0968 EXPLOITDB c VERIFIED
Analogx Simpleserver Www < 1.16 - Buffer Overflow
Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier allows remote attackers to cause a denial of service (crash) and execute code via a long HTTP request method name.
by Auriemma Luigi
CVE-2002-2338 EXPLOITDB c VERIFIED
Mozilla - Improper Input Validation
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message.
by eldre8
CVE-2002-0767 EXPLOITDB c VERIFIED
simpleinit - Privilege Escalation
simpleinit on Linux systems does not close a read/write FIFO file descriptor before creating a child process, which allows the child process to cause simpleinit to execute arbitrary programs with root privileges.
by Patrick Smith
CVE-2002-1891 EXPLOITDB c VERIFIED
Ayman AKT Ircit - Buffer Overflow
Buffer overflow in IRCIT 0.3.1 IRC client allows remote attackers to execute arbitrary code via a long invite request.
by gobbles
CVE-2002-0949 EXPLOITDB c VERIFIED
Telindus 1100 - Privilege Escalation
Telindus 1100 series ADSL router allows remote attackers to gain privileges to the device via a certain packet to UDP port 9833, which generates a reply that includes the router's password and other sensitive information in cleartext.
by rubik
CVE-2002-0907 EXPLOITDB c VERIFIED
Nullsoft Shoutcast Server - Buffer Overflow
Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 allows a remote authenticated DJ to execute arbitrary code on the server via a long value in a header whose name begins with "icy-".
by eSDee
CVE-2002-2041 EXPLOITDB c VERIFIED
QNX Rtos - Buffer Overflow
Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 allows local users to execute arbitrary code via (1) a long ABLANG environment variable in phlocale or (2) a long -u option to pkg-installer.
by badc0ded
CVE-2002-2041 EXPLOITDB c VERIFIED
QNX Rtos - Buffer Overflow
Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 allows local users to execute arbitrary code via (1) a long ABLANG environment variable in phlocale or (2) a long -u option to pkg-installer.
by badc0ded
CVE-2002-0876 EXPLOITDB c VERIFIED
Evolvable Corporation Shambala Server - Denial of Service
Web server for Shambala 4.5 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request.
by Shambala
CVE-2002-0905 EXPLOITDB c VERIFIED
IBM Informix - Buffer Overflow
Buffer overflow in sqlexec for Informix SE-7.25 allows local users to gain root privileges via a long INFORMIXDIR environment variable.
by smurf
CVE-2002-0031 EXPLOITDB c VERIFIED
Yahoo Messenger - Buffer Overflow
Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend.
by bob
CVE-2002-1827 EXPLOITDB c VERIFIED
Sendmail - Denial of Service
Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files.
by zillion
CVE-2002-1827 EXPLOITDB c VERIFIED
Sendmail - Denial of Service
Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files.
by zillion
CVE-2002-0894 EXPLOITDB c VERIFIED
NEW Atlanta Communications Servletexec Isapi - Denial of Service
NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet.
by Matt Moore
CVE-2002-0799 EXPLOITDB c VERIFIED
Youngzsoft Cmailserver - Buffer Overflow
Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument.
by Over_G
CVE-2002-0799 EXPLOITDB c VERIFIED
Youngzsoft Cmailserver - Buffer Overflow
Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument.
by anonymous
CVE-2002-0741 EXPLOITDB c VERIFIED
Psychoid Psybnc - Denial of Service
psyBNC 2.3 allows remote attackers to cause a denial of service (CPU consumption and resource exhaustion) by sending a PASS command with a long password argument and quickly killing the connection, which is not properly terminated by psyBNC.
by Lunar Fault
CVE-2001-0550 EXPLOITDB c VERIFIED
wu-ftpd 2.6.1 - Command Injection
wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
by Teso
CVE-2002-0163 EXPLOITDB c VERIFIED
Squid < 2.4_9 - Buffer Overflow
Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses.
by Teso
CVE-2002-0379 EXPLOITDB c VERIFIED
University OF Washington Uw-imap - Buffer Overflow
Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.
by 0x3a0x29 crew
By Source
All 3,570 Exploitdb 50,135 Writeup 46,968 Nomisec 21,259 Metasploit 3,228 Github 2,444 Vulncheck_xdb 900 Inthewild 518 Gitlab 439 Gitee 415 Patchapalooza 312
By Language
text 31,346 ruby 5,959 python 5,832 c 3,570 perl 2,854 html 2,055 php 1,334 bash 459 java 360 javascript 260 c++ 247 shell 87 go 47 postscript 25 xml 24